Re: Keeping your Debian system secure =>why non-free
I'd understood this line as it's required to have a secure system. I
thought these non-free/contrib packages are inextricably involved.
On 11.09.2014 18:08, Thijs Kinkhorst wrote:
> On Wed, September 10, 2014 22:27, Yves-Alexis Perez wrote:
>>>> I'm adding debian-www (contact point for all web pages) to
>>>> CC: so they can get a look.
>>>
>>> This section is handled by the security team (people in the
>>> team have commit access), but if they feel the need to let
>>> someone else fix stuff on their behalf, they’re welcome to
>>> provide explicit guidance of what is to fix, and how.
>>
>> Is there anything else than CVS available in order to provide a
>> patch? I think removing the "contrib non-free" part would be ok
>> (and maybe add them to the security FAQ so people actually
>> interested by those suites can add the information themselves,
>> although I'm unsure what does the installer do right now).
>>
>> Team, what do you think?
>
> I think the original claim that this "recommends" or advocates
> non-free is firmly overstating things. The line just documents how
> you can use security updates and shows the suites that are
> available. If you don't want some of those suites it's trivial to
> leave them off.
>
> Seems like a non-issue to me. Has this actually caused a problem
> for someone?
>
>
> Cheers, Thijs
>
Reply to: